Add Standardized Configuration to POLICY

Change-Id: Iabdb2bba14b5095c08ff2920aec97a213e0acb30
Issue-ID: OOM-745
Signed-off-by: mayankg2703 <mayank.gupta@amdocs.com>
Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>
diff --git a/kubernetes/policy/charts/brmsgw/Chart.yaml b/kubernetes/policy/charts/brmsgw/Chart.yaml
new file mode 100644
index 0000000..d6aafe4
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Policy BRMS GW
+name: brmsgw
+version: 2.0.0
diff --git a/kubernetes/policy/charts/brmsgw/requirements.yaml b/kubernetes/policy/charts/brmsgw/requirements.yaml
new file mode 100644
index 0000000..f639633
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh
new file mode 100644
index 0000000..5c3a2a1
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh
@@ -0,0 +1,52 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#! /bin/bash
+
+PROPS_BUILD="${POLICY_HOME}/etc/build.info"
+
+PROPS_RUNTIME="${POLICY_HOME}/servers/brmsgw/config.properties"
+PROPS_INSTALL="${POLICY_HOME}/install/servers/brmsgw/config.properties"
+
+
+if [ ! -f "${PROPS_BUILD}" ]; then
+	echo "error: version information does not exist: ${PROPS_BUILD}"
+	exit 1
+fi
+
+source "${POLICY_HOME}/etc/build.info"
+
+if [ -z "${version}" ]; then
+	echo "error: no version information present"
+	exit 1
+fi
+
+for CONFIG in ${PROPS_RUNTIME} ${PROPS_INSTALL}; do
+	if [ ! -f "${CONFIG}" ]; then
+		echo "warning: configuration does not exist: ${CONFIG}"
+	else
+		sed -i -e "s/brms.dependency.version=.*/brms.dependency.version=${version}/g" "${CONFIG}"
+	fi
+done
+
+DEPS_JSON_RUNTIME="${POLICY_HOME}/servers/brmsgw/dependency.json"
+DEPS_JSON_INSTALL="${POLICY_HOME}/install/servers/brmsgw/dependency.json"
+
+for DEP in ${DEPS_JSON_RUNTIME} ${DEPS_JSON_INSTALL}; do
+	if [ ! -f "${DEP}" ]; then
+		echo "warning: configuration does not exist: ${DEP}"
+	else
+		sed -i -e "s/\"version\":.*-SNAPSHOT\"/\"version\": \"${version}\"/g" "${DEP}"
+	fi
+done
diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
new file mode 100644
index 0000000..6a0012d
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
@@ -0,0 +1,67 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# BRMSpep component installation configuration parameters
+BRMSGW_JMX_PORT=9989
+
+COMPONENT_X_MX_MB=1024
+COMPONENT_X_MS_MB=1024
+
+REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/
+REST_PDP_ID=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/
+
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+M2_HOME=/usr/share/maven
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryName=Snapshots
+snapshotRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/snapshots
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryName=Releases
+releaseRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/releases
+repositoryUsername=admin
+repositoryPassword=admin123
+UEB_URL=dmaap
+UEB_TOPIC=PDPD-CONFIGURATION
+UEB_API_KEY=
+UEB_API_SECRET=
+
+groupID=org.onap.policy-engine
+artifactID=drlPDPGroup
+AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam
+AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules
+
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=brmsgw_1
+node_type=brms_gateway
+
+#Environment should be Set either DEV, TEST or PROD
+ENVIRONMENT=TEST
+
+#Notification Properties... type can be either websocket, ueb, or dmaap
+BRMS_NOTIFICATION_TYPE=websocket
+BRMS_UEB_URL=dmaap
+BRMS_UEB_TOPIC=PDPD-CONFIGURATION
+BRMS_UEB_DELAY=
+BRMS_CLIENT_ID=python
+BRMS_CLIENT_KEY=dGVzdA==
+BRMS_UEB_API_KEY=
+BRMS_UEB_API_SECRET=
+
+#Dependency.json file version
+BRMS_DEPENDENCY_VERSION=1.2.0
+
diff --git a/kubernetes/policy/charts/brmsgw/templates/NOTES.txt b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/brmsgw/templates/configmap.yaml b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml
new file mode 100644
index 0000000..054338b
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml
@@ -0,0 +1,22 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
new file mode 100644
index 0000000..cd715e4
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
@@ -0,0 +1,109 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.pap.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+      - command:
+        - /bin/bash
+        - ./do-start.sh
+        - brmsgw
+        name: {{ include "common.name" . }}
+        image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        ports:
+        - containerPort: {{ .Values.service.externalPort }}
+        {{- if eq .Values.liveness.enabled true }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.liveness.periodSeconds }}
+        {{- end }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readiness.periodSeconds }}
+        volumeMounts:
+        - mountPath: /etc/localtime
+          name: localtime
+          readOnly: true
+        - mountPath: /tmp/policy-install/config
+          name: pe-brmsgw
+        - mountPath: /tmp/policy-install/config/base.conf
+          name: pe
+          subPath: base.conf
+        - mountPath: /tmp/policy-install/do-start.sh
+          name: pe-scripts
+          subPath: do-start.sh
+        resources:
+{{ toYaml .Values.resources | indent 12 }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+      {{- end -}}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+      {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: pe
+          configMap:
+            name: {{ .Release.Name }}-pe-configmap
+            defaultMode: 0755
+        - name: pe-scripts
+          configMap:
+            name: {{ .Release.Name }}-pe-scripts-configmap
+            defaultMode: 0777
+        - name: pe-brmsgw
+          configMap:
+            name: {{ include "common.fullname" . }}-pe-configmap
+            defaultMode: 0755
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/brmsgw/templates/service.yaml b/kubernetes/policy/charts/brmsgw/templates/service.yaml
new file mode 100644
index 0000000..ebec058
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/service.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml
new file mode 100644
index 0000000..3890e9e
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/values.yaml
@@ -0,0 +1,87 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-pe:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: false
+
+readiness:
+  initialDelaySeconds: 30
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: brmsgw
+  externalPort: 9989
+  nodePort: 16
+
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/charts/drools/Chart.yaml b/kubernetes/policy/charts/drools/Chart.yaml
new file mode 100644
index 0000000..4f753c0
--- /dev/null
+++ b/kubernetes/policy/charts/drools/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Drools Policy Engine 
+name: drools
+version: 2.0.0
diff --git a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml
new file mode 100644
index 0000000..65916b6
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Policy Nexus
+name: nexus
+version: 2.0.0
diff --git a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml
new file mode 100644
index 0000000..f639633
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt
new file mode 100644
index 0000000..57947a6
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml
new file mode 100644
index 0000000..910ade9
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.mariadb.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.internalPort }}
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end -}}
+          readinessProbe:
+            httpGet:
+              path: {{ .Values.readiness.path }}
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml
new file mode 100644
index 0000000..5447d91
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml
@@ -0,0 +1,32 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  ports:
+    - port: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  clusterIP: None
diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml
new file mode 100644
index 0000000..f8d80b0
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-nexus:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  path: /nexus/service/local/status
+
+service:
+  type: NodePort
+  name: nexus
+  internalPort: 8081
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/charts/drools/requirements.yaml b/kubernetes/policy/charts/drools/requirements.yaml
new file mode 100644
index 0000000..f639633
--- /dev/null
+++ b/kubernetes/policy/charts/drools/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/drools/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml
new file mode 100755
index 0000000..e899a00
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+<!--
+  <proxies>
+          <proxy>
+              <id>http-proxy</id>
+              <active>true</active>
+              <protocol>http</protocol>
+              <host>fastweb.int.bell.ca</host>
+              <port>80</port>
+              <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
+          </proxy>
+          <proxy>
+              <id>https-proxy</id>
+              <active>true</active>
+              <protocol>https</protocol>
+              <host>fastweb.int.bell.ca</host>
+              <port>80</port>
+              <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
+          </proxy>
+      </proxies>
+-->
+  <profiles>
+    <profile>
+      <id>policy-profile</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+
+      <repositories>
+        <repository>
+          <id>policy-nexus-snapshots</id>
+          <url>http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/</url>
+          <releases>
+            <enabled>false</enabled>
+            <updatePolicy>always</updatePolicy>
+          </releases>
+          <snapshots>
+            <enabled>true</enabled>
+            <updatePolicy>always</updatePolicy>
+          </snapshots>
+        </repository>
+
+        <repository>
+          <id>policy-nexus-releases</id>
+          <url>http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/</url>
+          <releases>
+            <enabled>true</enabled>
+            <updatePolicy>always</updatePolicy>
+          </releases>
+          <snapshots>
+            <enabled>false</enabled>
+            <updatePolicy>always</updatePolicy>
+          </snapshots>
+        </repository>
+      </repositories>
+
+    </profile>
+  </profiles>
+
+  <activeProfiles>
+    <activeProfile>policy-profile</activeProfile>
+  </activeProfiles>
+
+  <servers>
+    <server>
+      <id>policy-nexus-snapshots</id>
+      <username>admin</username>
+      <password>admin123</password>
+    </server>
+    <server>
+      <id>policy-nexus-releases</id>
+      <username>admin</username>
+      <password>admin123</password>
+    </server>
+  </servers>
+
+</settings>
diff --git a/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml
new file mode 100644
index 0000000..4b058f1
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml
@@ -0,0 +1,103 @@
+<!--
+# Copyright © 2017 Amdocs, Bell Canada,AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<configuration scan="true" scanPeriod="30 seconds" debug="false">
+
+	<property name="logDir" value="/var/log/onap" />
+
+	<property name="errorLog" value="error" />
+	<property name="debugLog" value="debug" />
+	<property name="networkLog" value="network" />
+
+	<property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />
+	<property name="errorPattern" value="${debugPattern}" />
+	<property name="networkPattern" value="[%d|%t]%m%n" />
+
+	<appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${logDir}/${errorLog}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+			<fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>
+			<minIndex>1</minIndex>
+			<maxIndex>5</maxIndex>
+		</rollingPolicy>
+		<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+			<level>WARN</level>
+		</filter>
+		<triggeringPolicy
+			class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+			<maxFileSize>15MB</maxFileSize>
+		</triggeringPolicy>
+		<encoder>
+			<pattern>${errorPattern}</pattern>
+		</encoder>
+	</appender>
+
+	<appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
+		<appender-ref ref="ErrorOut" />
+	</appender>
+
+	<appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${logDir}/${debugLog}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+			<fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>
+			<minIndex>1</minIndex>
+			<maxIndex>9</maxIndex>
+		</rollingPolicy>
+		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+			<maxFileSize>20MB</maxFileSize>
+		</triggeringPolicy>
+		<encoder>
+			<pattern>${debugPattern}</pattern>
+		</encoder>
+	</appender>
+
+	<appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
+		<appender-ref ref="DebugOut" />
+	</appender>
+
+	<appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${logDir}/${networkLog}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+			<fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>
+			<minIndex>1</minIndex>
+			<maxIndex>9</maxIndex>
+		</rollingPolicy>
+		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+			<maxFileSize>15MB</maxFileSize>
+		</triggeringPolicy>
+		<encoder>
+			<pattern>${networkPattern}</pattern>
+		</encoder>
+	</appender>
+
+	<appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
+		<appender-ref ref="NetworkOut" />
+	</appender>
+
+	<logger name="network" level="INFO" additivity="false">
+		<appender-ref ref="AsyncNetworkOut" />
+	</logger>
+
+	<logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
+		<appender-ref ref="AsyncNetworkOut" />
+	</logger>
+
+	<root level="INFO">
+		<appender-ref ref="AsyncDebugOut" />
+		<appender-ref ref="AsyncErrorOut" />
+	</root>
+
+</configuration>
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
new file mode 100644
index 0000000..aec7bf2
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
@@ -0,0 +1,94 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# SYSTEM software configuration 
+
+POLICY_HOME=/opt/app/policy
+POLICY_LOGS=/var/log/ONAP/policy
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+KEYSTORE_PASSWD=PolicyR0ck$
+
+# Telemetry credentials
+
+ENGINE_MANAGEMENT_PORT=9696
+ENGINE_MANAGEMENT_HOST=0.0.0.0
+ENGINE_MANAGEMENT_USER=@1b3rt
+ENGINE_MANAGEMENT_PASSWORD=31nst31n
+
+# nexus repository
+
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/
+repositoryUsername=admin
+repositoryPassword=admin123
+
+# Relational (SQL) DB access 
+
+SQL_HOST={{.Release.Name}}-{{.Values.global.mariadb.nameOverride}}
+SQL_USER=policy_user
+SQL_PASSWORD=policy_user
+
+# PDP-D DMaaP configuration channel
+
+PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
+PDPD_CONFIGURATION_SERVERS=dmaap
+PDPD_CONFIGURATION_API_KEY=
+PDPD_CONFIGURATION_API_SECRET=
+PDPD_CONFIGURATION_CONSUMER_GROUP=
+PDPD_CONFIGURATION_CONSUMER_INSTANCE=
+PDPD_CONFIGURATION_PARTITION_KEY=
+
+# PAP
+
+PAP_HOST={{.Release.Name}}-{{.Values.global.pap.nameOverride}}
+PAP_USERNAME=testpap
+PAP_PASSWORD=alpha123
+
+# PDP-X
+
+PDP_HOST={{.Release.Name}}-{{.Values.global.pdp.nameOverride}}
+PDP_USERNAME=testpdp
+PDP_PASSWORD=alpha123
+PDP_CLIENT_USERNAME=python
+PDP_CLIENT_PASSWORD=test
+PDP_ENVIRONMENT=TEST
+
+# DCAE DMaaP
+
+DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT
+DCAE_SERVERS=dmaap
+
+# Open DMaaP
+
+DMAAP_SERVERS=dmaap
+
+# AAI
+
+AAI_URL=https://aai.api.simpledemo.openecomp.org:8443
+AAI_USERNAME=POLICY
+AAI_PASSWORD=POLICY
+
+# MSO
+
+SO_URL=http://mso:8080/ecomp/mso/infra
+SO_USERNAME=InfraPortalClient
+SO_PASSWORD=password1$
+
+# VFC
+
+VFC_URL=
+VFC_USERNAME=
+VFC_PASSWORD=
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
new file mode 100644
index 0000000..62822ac
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
@@ -0,0 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#! /bin/bash
+
+${POLICY_HOME}/bin/features enable healthcheck
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
new file mode 100644
index 0000000..cbb45a5
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
@@ -0,0 +1,16 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+HEALTHCHECK_USER=healthcheck
+HEALTHCHECK_PASSWORD=zb!XztG34
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore
new file mode 100644
index 0000000..ab25c3a
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore
Binary files differ
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
new file mode 100644
index 0000000..c2ccefe
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
@@ -0,0 +1,19 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+CONTROLLER_ARTIFACT_ID=policy-management
+CONTROLLER_NAME=policy-management-controller
+CONTROLLER_PORT=9696
+RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT
+UEB_TOPIC=policyengine-develop
diff --git a/kubernetes/policy/charts/drools/resources/scripts/do-start.sh b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh
new file mode 100644
index 0000000..1c40e11
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh
@@ -0,0 +1,50 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash
+
+# skip installation if build.info file is present (restarting an existing container)
+if [[ -f /opt/app/policy/etc/build.info ]]; then
+	echo "Found existing installation, will not reinstall"
+	. /opt/app/policy/etc/profile.d/env.sh
+else 
+	# replace conf files from installer with environment-specific files
+	# mounted from the hosting VM
+	if [[ -d config ]]; then
+		cp config/*.conf .
+	fi
+
+	./docker-install.sh
+
+	. /opt/app/policy/etc/profile.d/env.sh
+
+	# install policy keystore
+	mkdir -p $POLICY_HOME/etc/ssl
+	cp config/policy-keystore $POLICY_HOME/etc/ssl
+
+	if [[ -x config/drools-tweaks.sh ]] ; then
+		echo "Executing tweaks"
+		# file may not be executable; running it as an
+		# argument to bash avoids needing execute perms.
+		bash config/drools-tweaks.sh
+	fi
+
+	# sql provisioning scripts should be invoked here.
+fi
+
+echo "Starting processes"
+
+policy start
+
+sleep 1000d
diff --git a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
new file mode 100644
index 0000000..a6c054d
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
@@ -0,0 +1,107 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash
+
+if [ "$#" -ne 4 ]; then
+	echo "Usage: $(basename $0) <k8s-host> <policy-pdp-node-port> <policy-drools-node-port> <resource-id>"
+	exit 1
+fi
+
+K8S_HOST=$1
+POLICY_PDP_PORT=$2
+POLICY_DROOLS_PORT=$3
+RESOURCE_ID=$4
+
+echo
+echo
+echo "Removing the vFW Policy from PDP.."
+echo
+echo
+
+curl -v -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyComponent" : "PDP",
+  "policyName": "com.BRMSParamvFirewall",
+  "policyType": "BRMS_Param"
+}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy
+
+sleep 20
+
+echo
+
+echo
+echo "Updating vFW Operational Policy .."
+echo
+
+curl -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "policyConfigType": "BRMS_PARAM",
+  "policyName": "com.BRMSParamvFirewall",
+  "policyDescription": "BRMS Param vFirewall policy",
+  "policyScope": "com",
+  "attributes": {
+    "MATCHING": {
+      "controller": "amsterdam"
+    },
+    "RULE": {
+      "templateName": "ClosedLoopControlName",
+      "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
+      "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+'${RESOURCE_ID}'%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+    }
+  }
+}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy
+
+sleep 5
+
+echo
+echo
+echo "Pushing the vFW Policy .."
+echo
+echo
+
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.BRMSParamvFirewall",
+  "policyType": "BRMS_Param"
+}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy
+
+sleep 20
+
+echo
+echo
+echo "Restarting PDP-D .."
+echo
+echo
+
+POD=$(kubectl --namespace onap-policy get pods | sed 's/ .*//'| grep drools)
+kubectl --namespace onap-policy exec -it ${POD} -- bash -c "source /opt/app/policy/etc/profile.d/env.sh && policy stop && sleep 5 && policy start"
+
+sleep 20
+
+echo
+echo
+echo "PDP-D amsterdam maven coordinates .."
+echo
+echo
+
+curl -vvv --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools  | python -m json.tool
+
+
+echo
+echo
+echo "PDP-D control loop updated .."
+echo
+echo
+
+curl -v --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params  | python -m json.tool
diff --git a/kubernetes/policy/charts/drools/templates/NOTES.txt b/kubernetes/policy/charts/drools/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml
new file mode 100644
index 0000000..36f458f
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/configmap.yaml
@@ -0,0 +1,46 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-settings-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-script-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/scripts/do-start.sh*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/policy/charts/drools/templates/deployment.yaml b/kubernetes/policy/charts/drools/templates/deployment.yaml
new file mode 100644
index 0000000..349f882
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/deployment.yaml
@@ -0,0 +1,180 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.mariadb.nameOverride }}
+        - --container-name
+        - {{ .Values.global.nexus.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      hostAliases:
+      - ip: "{{ .Values.aaiServiceClusterIp }}"
+        hostnames:
+        - "aai.api.simpledemo.openecomp.org"
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.externalPort }}
+          - containerPort: {{ .Values.service.externalPort2 }}
+          command:
+          - /bin/bash
+          - -c
+          - ./do-start.sh
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.externalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{- end }}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.service.externalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          env:
+          - name: REPLICAS
+            value: "{{ .Values.replicaCount }}"
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /tmp/policy-install/config/policy-keystore
+            name: drools-secret
+            subPath: policy-keystore
+          - mountPath: /tmp/policy-install/config/feature-healthcheck.conf
+            name: drools-secret
+            subPath: feature-healthcheck.conf
+          - mountPath: /tmp/policy-install/config/base.conf
+            name: drools-config
+            subPath: base.conf
+          - mountPath: /tmp/policy-install/config/policy-management.conf
+            name: drools-config
+            subPath: policy-management.conf
+          - mountPath: /tmp/policy-install/config/drools-tweaks.sh
+            name: drools-config
+            subPath: drools-tweaks.sh
+          - mountPath: /usr/share/maven/conf/settings.xml
+            name: drools-settingsxml
+            subPath: settings.xml
+          - mountPath: /var/log/onap
+            name: policy-logs
+          - mountPath: /tmp/logback.xml
+            name: policy-logback
+            subPath: logback.xml
+          - mountPath: /tmp/policy-install/do-start.sh
+            name: pe-scripts
+            subPath: do-start.sh
+          lifecycle:
+            postStart:
+              exec:
+                command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.loggingImage }}"
+          imagePullPolicy: {{ .Values.pullPolicy }}
+          name: filebeat-onap
+          volumeMounts:
+          - mountPath: /usr/share/filebeat/filebeat.yml
+            name: filebeat-conf
+            subPath: filebeat.yml
+          - mountPath: /var/log/onap
+            name: policy-logs
+          - mountPath: /usr/share/filebeat/data
+            name: policy-data-filebeat
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: filebeat-conf
+          configMap:
+            name: {{ .Release.Name }}-filebeat-configmap
+        - name: policy-logs
+          emptyDir: {}
+        - name: policy-data-filebeat
+          emptyDir: {}
+        - name: policy-logback
+          configMap:
+            name: {{ include "common.fullname" . }}-log-configmap
+        - name: drools-settingsxml
+          configMap:
+            name: {{ include "common.fullname" . }}-settings-configmap
+        - name: drools-config
+          configMap:
+            name: {{ include "common.fullname" . }}-configmap
+            items:
+            - key: base.conf
+              path: base.conf
+              mode: 0755
+            - key: policy-management.conf
+              path: policy-management.conf
+              mode: 0755
+            - key: drools-tweaks.sh
+              path: drools-tweaks.sh
+              mode: 0755
+        - name: drools-secret
+          secret:
+            secretName: {{ include "common.fullname" . }}-secret
+            items:
+            - key: policy-keystore
+              path: policy-keystore
+              mode: 0644
+            - key: feature-healthcheck.conf
+              path: feature-healthcheck.conf
+              mode: 0644
+        - name: pe-scripts
+          configMap:
+            name: {{ include "common.fullname" . }}-script-configmap
+            defaultMode: 0777
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/drools/templates/secrets.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml
new file mode 100644
index 0000000..18f5f16
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/secrets.yaml
@@ -0,0 +1,27 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-secret
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
+type: Opaque
diff --git a/kubernetes/policy/charts/drools/templates/service.yaml b/kubernetes/policy/charts/drools/templates/service.yaml
new file mode 100644
index 0000000..4335f7c
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/service.yaml
@@ -0,0 +1,42 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}-{{ .Values.service.externalPort }}
+    - port: {{ .Values.service.externalPort2 }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+      name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }}
+    {{- else -}}
+    - port: {{ .Values.service.type.externalPort }}
+      targetPort: {{ .Values.service.type.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml
new file mode 100644
index 0000000..14ebe31
--- /dev/null
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -0,0 +1,91 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+  ubuntuImage: ubuntu:16.04
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-drools:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+aaiServiceClusterIp: 10.43.255.254
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: false
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: drools
+  externalPort: 6969
+  nodePort: 17
+  externalPort2: 9696
+  nodePort2: 21
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/charts/mariadb/Chart.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml
new file mode 100644
index 0000000..c420e67
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Policy MariaDB Service
+name: mariadb
+version: 2.0.0
diff --git a/kubernetes/policy/charts/mariadb/requirements.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml
new file mode 100644
index 0000000..f639633
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/charts/mariadb/resources/config/db.sh
new file mode 100644
index 0000000..ead656e
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/resources/config/db.sh
@@ -0,0 +1,23 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash -xv
+
+for db in support onap_sdk log
+do
+	mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
+	mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
+done
+
+mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;"
diff --git a/kubernetes/policy/charts/mariadb/templates/NOTES.txt b/kubernetes/policy/charts/mariadb/templates/NOTES.txt
new file mode 100644
index 0000000..57947a6
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/mariadb/templates/configmap.yaml b/kubernetes/policy/charts/mariadb/templates/configmap.yaml
new file mode 100644
index 0000000..a819196
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/configmap.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/mariadb/templates/deployment.yaml b/kubernetes/policy/charts/mariadb/templates/deployment.yaml
new file mode 100644
index 0000000..65eb02c
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/deployment.yaml
@@ -0,0 +1,100 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.internalPort }}
+          # disable liveness probe when breakpoints set in debugger
+          # so K8s doesn't restart unresponsive container 
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end -}}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          env:
+          - name: MYSQL_ROOT_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "common.fullname" . }}-secret
+                key: db-root-password
+          - name: MYSQL_USER
+            value: policy_user
+          - name: MYSQL_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "common.fullname" . }}-secret
+                key: db-user-password
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /docker-entrypoint-initdb.d
+            name: mariadb-conf
+          - mountPath: /var/lib/mysql
+            name: mariadb-data
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: mariadb-conf
+          configMap:
+            name: {{ include "common.fullname" . }}-configmap
+            defaultMode: 0755
+        - name: mariadb-data
+        {{- if .Values.persistence.enabled }}
+          persistentVolumeClaim:
+            claimName: {{ include "common.fullname" . }}
+        {{- else }}
+          emptyDir: {}
+        {{- end }}
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/mariadb/templates/pv.yaml b/kubernetes/policy/charts/mariadb/templates/pv.yaml
new file mode 100644
index 0000000..da117f4
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/pv.yaml
@@ -0,0 +1,37 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    name: {{ include "common.fullname" . }}
+spec:
+  capacity:
+    storage: {{ .Values.persistence.size }}
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+  hostPath:
+    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
diff --git a/kubernetes/policy/charts/mariadb/templates/pvc.yaml b/kubernetes/policy/charts/mariadb/templates/pvc.yaml
new file mode 100644
index 0000000..e27c331
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/pvc.yaml
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      name: {{ include "common.fullname" . }}
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/policy/charts/mariadb/templates/secrets.yaml b/kubernetes/policy/charts/mariadb/templates/secrets.yaml
new file mode 100644
index 0000000..9f0c178
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/secrets.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-secret
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+  db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }}
+  db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }}
+
diff --git a/kubernetes/policy/charts/mariadb/templates/service.yaml b/kubernetes/policy/charts/mariadb/templates/service.yaml
new file mode 100644
index 0000000..5447d91
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/service.yaml
@@ -0,0 +1,32 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  ports:
+    - port: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  clusterIP: None
diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml
new file mode 100644
index 0000000..23970cf
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/values.yaml
@@ -0,0 +1,76 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  persistence: {}
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: mariadb:10.0.34
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config:
+  mysqlRootPassword: secret
+  mysqlUserName: policy_user
+  mysqlPassword: policy_user
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+  enabled: true
+  volumeReclaimPolicy: Retain
+  accessMode: ReadWriteMany
+  size: 2Gi
+  mountPath: /dockerdata-nfs
+  mountSubPath: mariadb/data
+
+service:
+  type: ClusterIP
+  name: mariadb
+  internalPort: 3306
+
+ingress:
+  enabled: false
+
+resources: {}
diff --git a/kubernetes/policy/charts/pdp/Chart.yaml b/kubernetes/policy/charts/pdp/Chart.yaml
new file mode 100644
index 0000000..09a65ea
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Policy PDP
+name: pdp
+version: 2.0.0
diff --git a/kubernetes/policy/charts/pdp/requirements.yaml b/kubernetes/policy/charts/pdp/requirements.yaml
new file mode 100644
index 0000000..f639633
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml
new file mode 100644
index 0000000..daa4112
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml
@@ -0,0 +1,150 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License. 
+-->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+   <!--<jmxConfigurator /> -->
+   <!--  specify the base path of the log directory --> 
+   <property name="logDir" value="/var/log/onap" />
+   <!--  specify the component name -->
+   <property name="componentName" value="policy" />
+   <!-- specify the sub component name -->
+   <property name="subComponentName" value="xacml-pdp-rest" />
+   <!-- The directories where logs are written --> 
+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+   <!--  log file names -->
+   <property name="errorLogName" value="error" />
+   <property name="metricsLogName" value="metrics" />
+   <property name="auditLogName" value="audit" />
+   <property name="debugLogName" value="debug" />
+   <property name="queueSize" value="256" />
+   <property name="maxFileSize" value="50MB" />
+   <property name="maxHistory" value="30" />
+   <property name="totalSizeCap" value="10GB" />
+   <!-- Example evaluator filter applied against console appender -->
+   <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <!-- ============================================================================ -->
+   <!-- EELF Appenders -->
+   <!-- ============================================================================ -->
+   <!-- The EELFAppender is used to record events to the general application 
+    log -->
+   <!-- EELF Audit Appender. This appender is used to record audit engine 
+    related logging events. The audit logger and appender are specializations 
+    of the EELF application root logger and appender. This can be used to segregate 
+    Policy engine events from other components, or it can be eliminated to record 
+    these events as part of the application root log. -->
+   <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${auditLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFAudit" />
+   </appender>
+   <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${metricsLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 
+        %msg%n"</pattern> -->
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFMetrics" />
+   </appender>
+   <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${errorLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+         <level>INFO</level>
+      </filter>
+   </appender>
+   <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFError" />
+   </appender>
+   <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${debugLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFDebug" />
+      <includeCallerData>true</includeCallerData>
+   </appender>
+   <!-- ============================================================================ -->
+   <!--  EELF loggers -->
+   <!-- ============================================================================ -->
+   <logger name="com.att.eelf.audit" level="info" additivity="false">
+      <appender-ref ref="asyncEELFAudit" />
+   </logger>
+   <logger name="com.att.eelf.metrics" level="info" additivity="false">
+      <appender-ref ref="asyncEELFMetrics" />
+   </logger>
+   <logger name="com.att.eelf.error" level="info" additivity="false">
+      <appender-ref ref="asyncEELFError" />
+   </logger>
+   <logger name="com.att.eelf.debug" level="debug" additivity="false">
+      <appender-ref ref="asyncEELFDebug" />
+   </logger>
+   <root level="INFO">
+      <appender-ref ref="asyncEELFDebug" />
+   </root>
+</configuration>
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh
new file mode 100644
index 0000000..6060fe9
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh
@@ -0,0 +1,16 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#! /bin/bash
+
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
new file mode 100644
index 0000000..9dae9f2
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
@@ -0,0 +1,70 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# pdp component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9991
+TOMCAT_SHUTDOWN_PORT=8087
+SSL_HTTP_CONNECTOR_PORT=8081
+SSL_AJP_CONNECTOR_PORT=8381
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pdp properties
+
+UEB_CLUSTER=dmaap
+
+REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/
+REST_PDP_ID=http://{{ include "common.fullname" . }}:8081/pdp/
+REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config
+REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps
+REST_PDP_REGISTER=true
+REST_PDP_REGISTER_SLEEP=15
+REST_PDP_REGISTER_RETRIES=-1
+REST_PDP_MAXCONTENT=999999999
+
+# PDP related properties
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+node_type=pdp_xacml
+resource_name=pdp_1
+dependency_groups=pdplp_1;brmsgw_1
+test_via_jmx=true
+
+#
+# Notification Properties
+# Notification type: websocket, ueb or dmaap... if left blank websocket is the default
+PDP_NOTIFICATION_TYPE=websocket
+PDP_UEB_CLUSTER=
+PDP_UEB_TOPIC=
+PDP_UEB_DELAY=
+PDP_UEB_API_KEY=
+PDP_UEB_API_SECRET=
+PDP_DMAAP_AAF_LOGIN=
+PDP_DMAAP_AAF_PASSWORD=
+
+#AAF Policy Name space
+#Required only, when we use AAF
+POLICY_AAF_NAMESPACE=
+POLICY_AAF_RESOURCE=
+
+# Indeterminate resolution
+DECISION_INDETERMINATE_RESPONSE=PERMIT
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf
new file mode 100644
index 0000000..141eb28
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9997
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://{{ include "common.fullname" . }}:8081/pdp/
+LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=pdplp_1
diff --git a/kubernetes/policy/charts/pdp/templates/NOTES.txt b/kubernetes/policy/charts/pdp/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/pdp/templates/configmap.yaml b/kubernetes/policy/charts/pdp/templates/configmap.yaml
new file mode 100644
index 0000000..76a4c0f
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/configmap.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/pdp/templates/service.yaml b/kubernetes/policy/charts/pdp/templates/service.yaml
new file mode 100644
index 0000000..aed3fd1
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/service.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    msb.onap.org/service-info: '[
+      {
+          "serviceName": "{{ include "common.fullname" . }}",
+          "version": "v1",
+          "url": "/pdp",
+          "protocol": "REST",
+          "port": "8081",
+          "visualRange":"1"
+      },
+      ]'
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  sessionAffinity: None
+  
diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
new file mode 100644
index 0000000..367cde4
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
@@ -0,0 +1,143 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  serviceName: {{ include "common.fullname" . }}
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.pap.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+      - command:
+        - /bin/bash
+        - ./do-start.sh
+        - pdp
+        name: {{ include "common.name" . }}
+        image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        ports:
+        - containerPort: {{ .Values.service.externalPort }}
+        {{- if eq .Values.liveness.enabled true }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.liveness.periodSeconds }}
+        {{- end }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readiness.periodSeconds }}
+        volumeMounts:
+        - mountPath: /etc/localtime
+          name: localtime
+          readOnly: true
+        - mountPath: /tmp/policy-install/config/base.conf
+          name: pe
+          subPath: base.conf
+        - mountPath: /tmp/policy-install/config/
+          name: pe-pdp
+        - mountPath: /tmp/policy-install/do-start.sh
+          name: pe-scripts
+          subPath: do-start.sh
+        - mountPath: /var/log/onap
+          name: policy-logs
+        - mountPath:  /tmp/logback.xml
+          name: policy-logback
+          subPath: logback.xml
+        lifecycle:
+          postStart:
+            exec:
+              command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+      - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: filebeat-onap
+        volumeMounts:
+        - mountPath: /usr/share/filebeat/filebeat.yml
+          name: filebeat-conf
+          subPath: filebeat.yml
+        - mountPath: /var/log/onap
+          name: policy-logs
+        - mountPath: /usr/share/filebeat/data
+          name: policy-data-filebeat
+        resources:
+{{ toYaml .Values.resources | indent 12 }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+      {{- end -}}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name: filebeat-conf
+        configMap:
+          name: {{ .Release.Name }}-filebeat-configmap
+      - name: policy-logs
+        emptyDir: {}
+      - name: policy-data-filebeat
+        emptyDir: {}
+      - name: policy-logback
+        configMap:
+          name: {{ include "common.fullname" . }}-log-configmap
+      - name: pe
+        configMap:
+          name: {{ .Release.Name }}-pe-configmap
+          defaultMode: 0755
+      - name: pe-scripts
+        configMap:
+          name: {{ .Release.Name }}-pe-scripts-configmap
+          defaultMode: 0777
+      - name: pe-pdp
+        configMap:
+          name: {{ include "common.fullname" . }}-pe-configmap
+          defaultMode: 0755
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml
new file mode 100644
index 0000000..c2b7580
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.1.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-pe:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: pdp
+  externalPort: 8081
+  #Example internal target port if required
+  #internalPort: <80>
+  nodePort: 20
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/charts/policy-common/Chart.yaml b/kubernetes/policy/charts/policy-common/Chart.yaml
new file mode 100644
index 0000000..f853be0
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Policy Common
+name: policy-common
+version: 2.0.0
diff --git a/kubernetes/policy/charts/policy-common/requirements.yaml b/kubernetes/policy/charts/policy-common/requirements.yaml
new file mode 100644
index 0000000..f639633
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/requirements.yaml
@@ -0,0 +1,21 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000..b0d4690
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,41 @@
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+  #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+  paths:
+    - /var/log/onap/*/*/*/*.log
+    - /var/log/onap/*/*/*.log
+    - /var/log/onap/*/*.log
+  #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+  ignore_older: 48h
+  # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+  clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+  #List of logstash server ip addresses with port number.
+  #But, in our case, this will be the loadbalancer IP address.
+  #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+  hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"]
+  #If enable will do load balancing among availabe Logstash, automatically.
+  loadbalance: true
+
+  #The list of root certificates for server verifications.
+  #If certificate_authorities is empty or not set, the trusted
+  #certificate authorities of the host system are used.
+  #ssl.certificate_authorities: $ssl.certificate_authorities
+
+  #The path to the certificate for SSL client authentication. If the certificate is not specified,
+  #client authentication is not available.
+  #ssl.certificate: $ssl.certificate
+
+  #The client certificate key used for client authentication.
+  #ssl.key: $ssl.key
+
+  #The passphrase used to decrypt an encrypted key stored in the configured key file
+  #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
new file mode 100644
index 0000000..885a114
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
@@ -0,0 +1,38 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+POLICY_HOME=/opt/app/policy
+KEYSTORE_PASSWD=PolicyR0ck$
+
+JDBC_DRIVER=org.mariadb.jdbc.Driver
+JDBC_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true
+JDBC_LOG_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/log?failOverReadOnly=false&autoReconnect=true
+JDBC_USER=policy_user
+JDBC_PASSWORD=policy_user
+
+site_name=site_1
+fp_monitor_interval=30
+failed_counter_threshold=3
+test_trans_interval=20
+write_fpc_interval=5
+max_fpc_update_interval=60
+test_via_jmx=false
+jmx_fqdn=
+
+ENVIRONMENT=TEST
+
+#Micro Service Model Properties
+policy_msOnapName=
+policy_msPolicyName=
diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh
new file mode 100644
index 0000000..35842e4
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh
@@ -0,0 +1,92 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash
+
+# Script to configure and start the Policy components that are to run in the designated container,
+# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the
+# script just goes into a long sleep so that the script does not exit (which would cause the
+# container to be torn down).
+
+container=$1
+
+case $container in
+pap)
+	comps="base pap paplp console mysql elk"
+	;;
+pdp)
+	comps="base pdp pdplp"
+	;;
+brmsgw)
+	comps="base brmsgw"
+	;;
+*)
+	echo "Usage: do-start.sh pap|pdp|brmsgw" >&2
+	exit 1
+esac
+
+
+# skip installation if build.info file is present (restarting an existing container)
+if [[ -f /opt/app/policy/etc/build.info ]]; then
+	echo "Found existing installation, will not reinstall"
+	. /opt/app/policy/etc/profile.d/env.sh
+
+else 
+	if [[ -d config ]]; then
+		cp config/*.conf .
+	fi
+
+	for comp in $comps; do
+		echo "Installing component: $comp"
+		./docker-install.sh --install $comp
+	done
+	for comp in $comps; do
+		echo "Configuring component: $comp"
+		./docker-install.sh --configure $comp
+	done
+
+	. /opt/app/policy/etc/profile.d/env.sh
+
+	# install keystore
+	#changed to use http instead of http, so keystore no longer needed
+	#cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore
+	
+	if [[ -f config/$container-tweaks.sh ]] ; then
+		# file may not be executable; running it as an
+		# argument to bash avoids needing execute perms.
+		bash config/$container-tweaks.sh
+	fi
+
+	if [[ $container == pap ]]; then
+		# wait for DB up
+		# now that DB is up, invoke database upgrade
+		# (which does nothing if the db is already up-to-date)
+		dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=))
+		dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=))
+		db_upgrade_remote.sh $dbuser $dbpw {{.Release.Name}}-{{.Values.global.mariadb.nameOverride}}
+	fi
+
+fi
+
+policy.sh start
+
+# on pap, wait for pap, pdp, brmsgw, nexus and drools up,
+# then push the initial default policies
+if [[ $container == pap ]]; then
+	# wait addional 1 minute for all processes to get fully initialized and synched up
+	sleep 60
+	bash -xv config/push-policies.sh
+fi
+
+sleep 1000d
diff --git a/kubernetes/policy/charts/policy-common/templates/NOTES.txt b/kubernetes/policy/charts/policy-common/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/policy-common/templates/configmap.yaml b/kubernetes/policy/charts/policy-common/templates/configmap.yaml
new file mode 100644
index 0000000..23311c6
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/templates/configmap.yaml
@@ -0,0 +1,37 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-pe-scripts-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/scripts/do-start.sh").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-filebeat-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/policy-common/values.yaml b/kubernetes/policy/charts/policy-common/values.yaml
new file mode 100644
index 0000000..8ac609d
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/values.yaml
@@ -0,0 +1,82 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config:
+  logstashServiceName: log-ls
+  logstashPort: 5044
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: <onap-app>
+  externalPort: <8080>
+  #Example internal target port if required
+  #internalPort: <80>
+  nodePort: <replace with unused node port suffix eg. 23>
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi